The Christmas Phishing Campaigns Are In Full Swing

I’ve been receiving plenty of reports lately about phishing mail – both email and, surprisingly, paper mail. Every two-bit scumbag wants to see how many people he can suck in to divulging personal and financial info before Christmas.

Everyone should be extra careful when receiving any kind of email asking for payment. Before clicking on any link or opening any attachment in such an email, ask yourself:

Do I remember dealing with this company?

Do I remember dealing with this person?

Was I expecting an invoice, request, or receipt?

Clicking on a link or an attachment in these mails is a fast track to a nasty malware infection. Giving them any information is a trip to Fraudville down the Identity Theft Highway. Save yourself the hassle: don’t click, don’t respond.

This applies when you receive these things at work as well – a common tactic these miscreants use is to send fake invoices for smallish amounts to companies, and a good many companies will pay them without question as long as they look real enough.

If you get one of these mails that purports to come from a recognized brand (a bank, a clearing house, a big company, etc.) don’t be afraid to contact that company’s security directly. They want to know when their name/brand is being abused for this purpose.